CVE-2009-4737

JustSystems Corporation Ichitaro <13 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter."

References (10)

Core 10
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34611
Patch, Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0957
Patch, Vendor Advisory x_refsource_confirm
http://www.justsystems.com/jp/info/js09002.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/53349
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34403
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49739
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN33846134/index.html

Scores

EPSS 0.0348
EPSS Percentile 87.7%

Details

CWE
CWE-119
Status published
Products (10)
justsystems/ichitaro 13
justsystems/ichitaro 2004
justsystems/ichitaro 2005
justsystems/ichitaro 2006 (2 CPE variants)
justsystems/ichitaro 2007 (2 CPE variants)
justsystems/ichitaro 2008 (2 CPE variants)
justsystems/ichitaro 2009 (3 CPE variants)
justsystems/ichitaro bungei
justsystems/ichitaro_viewer 19.0.1.0
justsystems/ichitaro_viewer 20.0.2.0
Published Apr 06, 2010
Tracked Since Feb 18, 2026